Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Smart TV. Show all posts
User Privacy
ACR Online Security Smart TV Technology User Privacy

Here's How to Stop Smart TV From Harvesting Your Personal Data

 

Watching television seems to be a benign pastime, but as all TVs become "smart" and link to the internet via your network, they will be able to track you as well. When you turn on a smart TV from LG, Samsung, or Sony, data is collected from the TV itself, as well as the operating system and apps. Then there are the gadgets you connect to your television, like Google's Chromecast, Apple TV, and Amazon's Fire Stick. 

A TV is now more than just a screen for entertainment; it's a two-way mirror that lets a network of data brokers and advertisers watch you in real time, stated Rowenna Fielding, director of data protection consultancy Miss IG Geek. “The purpose of this is to gather as much information as possible about your behaviour, interests, preferences and demographics so it can be monetised, mainly through targeted advertising.”

Your smart TV's data collection relies on the manufacturer, brand, and version. In theory, most smart TVs can gather audio, video, and TV usage data, according to Toby Lewis, global head of threat analysis at cybersecurity firm Darktrace. 

Voice activation is a function that has the ability to collect significant volumes of data. Microphones and software listen for instructions and can record conversations and other noises within range. These recordings can be sent to third parties for analysis. 

What does your TV do with the data?

There is no clear answer. According to Lewis, what is done with the data is complex and "highly opaque". When looking at what a smart TV does on the network, it is often unclear why certain data is being harvested and where it is being sent.

There isn't much distinction between television brands. Manufacturers claim to utilise your information for "personalisation" and content quality, although it is usual to sell anonymous or semi-anonymized data to third parties, advertising companies, or streaming services. 

“After the data has been sold, it is out of the manufacturer’s control,” Lewis explains. "It is often unclear what data exactly is being sent back, depending on the T&Cs and privacy settings, and it can be very difficult to change default settings once you have agreed to them.”

What is Automatic Content Recognition (ACR)? 

Automated content recognition (ACR) is one alarming feature to keep an eye out for. This feature, which is frequently enabled by default, uses analytical techniques to detect video and audio on the TV and compares it to a large database to determine what is playing. It's fairly disturbing stuff; ACR works on anything played on television, including DVDs, Blu-rays, CDs, and games.

Jake Moore, global cybersecurity adviser at security company ESET, explains that viewing data and habits are shared with manufacturers and eventually sold to advertisers in order to target you with adverts. When your TV is connected to your home router, data will include your IP address and position.

Lewis adds that ACR may theoretically be utilised for even more ominous profiling. "Data from facial recognition, sentiment analysis, speech-to-text, and content analysis could be gathered to build an in-depth picture of an individual user with the analytical technologies available." 

Lewis suggests that rather than comparing material to a catalogue of well-known films, ACR may theoretically be examined for factors like political stance, ethnicity, social status, and other characteristics that could be misused. 

Safety tips 

Smart TVs will gather data as long as they are connected to the internet, and it is impossible to prevent this from happening. In many cases, doing so is not in your best interests because it will interfere with your viewing experience; for example, Netflix's useful suggestions tool. 

However, there are several simple steps you may take to protect yourself from smart TV snooping. Turn off ACR in the settings, disable customisation, opt out of all advertising features, and hide or disable cameras and microphones. 

It's also vital to secure your router by changing the password and creating a guest network. You may increase security by opting out of online tracking when it's provided and installing software updates as soon as possible.
Read more »
Vulnerabilities and Exploits
IoT devices Smart TV Threat Landscape Unauthorized access Vulnerabilities and Exploits

91,000 Smart LG TV Devices Susceptible to Unauthorised Remote Access

 

New vulnerabilities have been discovered in LG TVs that could allow unauthorised access to the devices' root systems, possibly exposing thousands of units worldwide. 

The finding, made as part of Bitdefender's continuing inspection of the popular Internet of Things (IoT) technology, focuses on vulnerabilities in WebOS versions 4-7, which are used in LG sets. The detected flaws allow unauthorised access to the TV's root system by circumventing the permission process. 

Despite its intended use for LAN access only, Shodan, an internet-connected device search engine, has identified over 91,000 devices that expose this service to the internet. 

Among the uncovered flaws, CVE-2023-6317 stands out because it allows attackers to bypass authorization methods, allowing unauthorised access to the TV's root system. Additionally, CVE-2023-6318 enables attackers to extend their access to root privileges, heightening the security risk. 

Furthermore, CVE-2023-6319 allows for the injection of operating system commands, whilst CVE-2023-6320 enables authenticated command injection. The concerned models are LG43UM7000PLA, OLED55CXPUA, OLED48C1PUB, and OLED55A23LA. Devices running WebOS versions 4.9.7 through 7.3.1 have been confirmed to be impacted. 

“Attackers could use the compromised Smart TV as a starting point to launch additional attacks against remote systems or hosts,” noted Thomas Richards, principal security consultant at the Synopsys Software Integrity Group.

According to the cybersecurity expert, if attackers get administrator access to the TV, the user's personal information, including login passwords, can be compromised. 

“Smart TV owners should not have their TVs directly connected to the internet. Keeping the TV behind a router will reduce the likelihood of a compromise since remote attackers will not be able to reach it,” Richards added. “Enabling the automatic update option on the TV will keep the TV up to date with vendor patches to remediate security risks.” 

Bitdefender's disclosure timetable highlighted the approach followed, with vendor notice taking place on November 1, 2023, some months before a fix delivery on March 22, 2024. In the face of emerging threats, prompt patching and upgrades are critical to minimising possible risks, safeguarding user privacy, and enhancing device security.
Read more »
Tech Industry
Android Backdoor Financial Fraud Personal Data Privacy Smart TV Supply Chain Attack Tech Industry

Discovering the Threat from Android TV Backdoors

Android TV streaming boxes are already commonplace in homes all over the world because they provide an easy method to access a wealth of content. A pernicious backdoor that poses a serious risk to user security and privacy, however, is concealed within some of these devices.

Recent investigations have revealed the worrying ubiquity of this backdoor, which permits unauthorized access to critical data. Reputable reports emphasize the severity of this problem, shocking the tech industry.

The backdoor, dubbed 'BADBOX,' has been found in thousands of Android TV boxes, turning them into potential ticking time bombs. It allows cybercriminals to gain unrestricted access to personal data, opening the door to identity theft, financial fraud, and other malicious activities. What's even more alarming is that this backdoor is notoriously difficult to detect and eliminate, as it's deeply embedded in the device's firmware.

Experts warn that these compromised devices are not limited to a specific brand or model. In fact, they are spread across various manufacturers, making it a widespread issue that affects a broad spectrum of users. This has raised concerns about the supply chain integrity of these devices, prompting calls for stricter quality control measures.

The implications of this security breach are far-reaching. Families, individuals, and businesses alike are at risk of falling victim to cyberattacks, putting their sensitive information in the wrong hands. As we increasingly rely on smart technology for convenience and entertainment, the need for robust cybersecurity measures has never been more pressing.

To combat this threat, manufacturers, government agencies, and cybersecurity specialists are working nonstop. Users are being urged to exercise caution and maintain their devices patched with the most recent security updates. Customers are also encouraged to buy equipment from reliable vendors and to exercise caution when contemplating unofficial or off-brand retailers.

The discovery of the Android TV backdoor is a sobering reminder of how rapidly cybersecurity dangers are changing. Our attempts to protect our digital lives must grow at the same rate as technology. We can all work together to create a better and more secure digital future by remaining informed, implementing best practices, and supporting industry-wide initiatives.
Read more »
Smart TV
malware Samsung Smart TV

Samsung advised its smart TV customers to scan for malware




Samsung recently advised smart TV users’ to scan their devices regularly as it is susceptible to malware just like PCs.

The company tweeted through their US Support Twitter account but later deleted the tweet without any reason. 

The tweet read: “Scanning your computer for malware viruses is important to keep it running smoothly. This also is true for your QLED TV if it’s connected to Wi-Fi! Prevent malicious software attacks on your TV by scanning for viruses on your TV every few weeks.”

The tweet also had a demonstration video showing how to scan your Samsung TV. 

This action has raised a question whether its smart TVs are vulnerable to virus attacks.

However, the firm clarified that the tweet was a response to a query made by a customer and nothing to worry. 

Scanning smart TV is really easy. Go to the settings menu on your Samsung TV and then select General. Click on System Manager and scroll down to Smart Security. 

Click on Smart Security, then select Scan and your Samsung TV will start scanning for viruses and malware.




Read more »
Subscribe to: Posts (Atom)